Microsoft Patch Tuesday March 2026

Published: 2026-03-10. Last Updated: 2026-03-10 17:33:47 UTC
by Johannes Ullrich (Version: 1)

Microsoft today released patches for 93 vulnerabilities, including 9 vulnerabilities in Chromium affecting Microsoft Edge. 8 of the vulnerabilities are rated critical. 2 were disclosed prior to today but have not yet been exploited. This update addresses no already-exploited vulnerabilities.

Disclose vulnerabilities:

CVE-2026-26127: A denial of service vulnerability in .Net. Microsoft considers exploitation unlikely. The issue arises from an out-of-bounds read and can be exploited across the network. No authentication is required.

CVE-2026-21262: A privilege escalation in SQL Server. An authenticated user may be able to escalate privileges to sysadmin.

Critical Vulnerabilities:

CVE-2026-21536: The vulnerability in Microsoft's Devices Pricing Program allows remote code execution. But this product is only offered as a cloud service, and Microsoft has already deployed the patch. Microsoft credits the AI vulnerability scanning platform XBOW with discovering this vulnerability.

CVE-2026-26125: Similar to the above vulnerability, this elevation-of-privilege vulnerability in Microsoft's Payment Orchestrator service has been mitigated by Microsoft.

CVE-2026-26113, CVE-2026-26110, CVE-2026-26144: These vulnerabilities affect Excel and Office.

CVE-2026-23651, CVE-2026-26124, CVE-2026-26122: These vulnerabilities affect Microsoft ACI Confidential Containers. No customer action is required. Microsoft already patched these issues.

Description
CVE	Disclosed	Exploited	Exploitability (old versions)	current version	Severity	CVSS Base (AVG)	CVSS Temporal (AVG)
.NET Denial of Service Vulnerability
CVE-2026-26127	Yes	No	-	-	Important	7.5	6.5
.NET Elevation of Privilege Vulnerability
CVE-2026-26131	No	No	-	-	Important	7.8	6.8
ASP.NET Core Denial of Service Vulnerability
CVE-2026-26130	No	No	-	-	Important	7.5	6.5
Active Directory Domain Services Elevation of Privilege Vulnerability
CVE-2026-25177	No	No	-	-	Important	8.8	7.7
Arc Enabled Servers - Azure Connected Machine Agent Elevation of Privilege Vulnerability
CVE-2026-26117	No	No	-	-	Important	7.8	6.8
Azure IOT Explorer Spoofing Vulnerability
CVE-2026-26121	No	No	-	-	Important	7.5	6.5
Azure IoT Explorer Information Disclosure Vulnerability
CVE-2026-23664	No	No	-	-	Important	7.5	6.5
CVE-2026-23661	No	No	-	-	Important	7.5	6.5
CVE-2026-23662	No	No	-	-	Important	7.5	6.5
Azure MCP Server Tools Elevation of Privilege Vulnerability
CVE-2026-26118	No	No	-	-	Important	8.8	7.7
Broadcast DVR Elevation of Privilege Vulnerability
CVE-2026-23667	No	No	-	-	Important	7.0	6.1
Chromium: CVE-2026-3536 Integer overflow in ANGLE
CVE-2026-3536	No	No	-	-	-
Chromium: CVE-2026-3538 Integer overflow in Skia
CVE-2026-3538	No	No	-	-	-
Chromium: CVE-2026-3539 Object lifecycle issue in DevTools
CVE-2026-3539	No	No	-	-	-
Chromium: CVE-2026-3540 Inappropriate implementation in WebAudio
CVE-2026-3540	No	No	-	-	-
Chromium: CVE-2026-3541 Inappropriate implementation in CSS
CVE-2026-3541	No	No	-	-	-
Chromium: CVE-2026-3542 Inappropriate implementation in WebAssembly
CVE-2026-3542	No	No	-	-	-
Chromium: CVE-2026-3543 Inappropriate implementation in V8
CVE-2026-3543	No	No	-	-	-
Chromium: CVE-2026-3544 Heap buffer overflow in WebCodecs
CVE-2026-3544	No	No	-	-	-
Chromium: CVE-2026-3545 Insufficient data validation in Navigation
CVE-2026-3545	No	No	-	-	-
GDI Remote Code Execution Vulnerability
CVE-2026-25190	No	No	-	-	Important	7.8	6.8
GDI+ Information Disclosure Vulnerability
CVE-2026-25181	No	No	-	-	Important	7.5	6.5
GitHub: CVE-2026-26030 Microsoft Semantic Kernel InMemoryVectorStore filter functionality vulnerable
CVE-2026-26030	No	No	-	-	Important	9.9	8.6
GitHub: Zero Shot SCFoundation Remote Code Execution Vulnerability
CVE-2026-23654	No	No	-	-	Important	8.8	7.7
Hybrid Worker Extension (Arc?enabled Windows VMs) Elevation of Privilege Vulnerability
CVE-2026-26141	No	No	-	-	Important	7.8	6.8
Linux Azure Diagnostic extension (LAD) Elevation of Privilege Vulnerability
CVE-2026-23665	No	No	-	-	Important	7.8	6.8
MapUrlToZone Security Feature Bypass Vulnerability
CVE-2026-23674	No	No	-	-	Important	7.5	6.5
Microsoft ACI Confidential Containers Elevation of Privilege Vulnerability
CVE-2026-23651	No	No	-	-	Critical	6.7	6.0
CVE-2026-26124	No	No	-	-	Critical	6.7	6.0
Microsoft ACI Confidential Containers Information Disclosure Vulnerability
CVE-2026-26122	No	No	-	-	Critical	6.5	5.7
Microsoft Authenticator Information Disclosure Vulnerability
CVE-2026-26123	No	No	-	-	Important	5.5	4.8
Microsoft Azure AD SSH Login extension for Linux Elevation of Privilege Vulnerability
CVE-2026-26148	No	No	-	-	Important	8.1	7.3
Microsoft Brokering File System Elevation of Privilege Vulnerability
CVE-2026-25167	No	No	-	-	Important	7.4	6.4
Microsoft Devices Pricing Program Remote Code Execution Vulnerability
CVE-2026-21536	No	No	-	-	Critical	9.8	8.5
Microsoft Excel Information Disclosure Vulnerability
CVE-2026-26144	No	No	-	-	Critical	7.5	6.5
Microsoft Excel Remote Code Execution Vulnerability
CVE-2026-26112	No	No	-	-	Important	7.8	6.8
CVE-2026-26107	No	No	-	-	Important	7.8	6.8
CVE-2026-26108	No	No	-	-	Important	7.8	6.8
CVE-2026-26109	No	No	-	-	Important	8.4	7.3
Microsoft Office Elevation of Privilege Vulnerability
CVE-2026-26134	No	No	-	-	Important	7.8	6.8
Microsoft Office Remote Code Execution Vulnerability
CVE-2026-26113	No	No	-	-	Critical	8.4	7.3
CVE-2026-26110	No	No	-	-	Critical	8.4	7.3
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2026-26114	No	No	-	-	Important	8.8	7.7
CVE-2026-26106	No	No	-	-	Important	8.8	7.7
Microsoft SharePoint Server Spoofing Vulnerability
CVE-2026-26105	No	No	-	-	Important	8.1	7.1
Multiple UNC Provider Kernel Driver Elevation of Privilege Vulnerability
CVE-2026-24283	No	No	-	-	Important	8.8	7.7
Payment Orchestrator Service Elevation of Privilege Vulnerability
CVE-2026-26125	No	No	-	-	Critical	8.6	7.7
Performance Counters for Windows Elevation of Privilege Vulnerability
CVE-2026-25165	No	No	-	-	Important	7.8	6.8
Push message Routing Service Elevation of Privilege Vulnerability
CVE-2026-24282	No	No	-	-	Important	5.5	4.8
SQL Server Elevation of Privilege Vulnerability
CVE-2026-21262	Yes	No	-	-	Important	8.8	7.7
CVE-2026-26115	No	No	-	-	Important	8.8	7.7
CVE-2026-26116	No	No	-	-	Important	8.8	7.7
System Center Operations Manager (SCOM) Elevation of Privilege Vulnerability
CVE-2026-20967	No	No	-	-	Important	8.8	7.7
Win32k Elevation of Privilege Vulnerability
CVE-2026-24285	No	No	-	-	Important	7.0	6.1
Windows Accessibility Infrastructure (ATBroker.exe) Elevation of Privilege Vulnerability
CVE-2026-24291	No	No	-	-	Important	7.8	6.8
Windows Accessibility Infrastructure (ATBroker.exe) Information Disclosure Vulnerability
CVE-2026-25186	No	No	-	-	Important	5.5	4.8
Windows Admin Center in Azure Portal Elevation of Privilege Vulnerability
CVE-2026-23660	No	No	-	-	Important	7.8	6.8
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2026-24293	No	No	-	-	Important	7.8	6.8
CVE-2026-25176	No	No	-	-	Important	7.8	6.8
CVE-2026-25178	No	No	-	-	Important	7.0	6.1
CVE-2026-25179	No	No	-	-	Important	7.0	6.1
Windows App Installer Spoofing Vulnerability
CVE-2026-23656	No	No	-	-	Important
Windows Authentication Elevation of Privilege Vulnerability
CVE-2026-25171	No	No	-	-	Important	7.0	6.1
Windows Bluetooth RFCOM Protocol Driver Elevation of Privilege Vulnerability
CVE-2026-23671	No	No	-	-	Important	7.0	6.1
Windows Connected Devices Platform Service Elevation of Privilege Vulnerability
CVE-2026-24292	No	No	-	-	Important	7.8	6.8
Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2026-25189	No	No	-	-	Important	7.8	6.8
Windows Device Association Service Elevation of Privilege Vulnerability
CVE-2026-24295	No	No	-	-	Important	7.0	6.1
CVE-2026-24296	No	No	-	-	Important	7.0	6.1
Windows Extensible File Allocation Table Elevation of Privilege Vulnerability
CVE-2026-25174	No	No	-	-	Important	7.8	6.8
Windows Graphics Component Denial of Service Vulnerability
CVE-2026-25168	No	No	-	-	Important	6.2	5.4
CVE-2026-25169	No	No	-	-	Important	6.2	5.4
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2026-23668	No	No	-	-	Important	7.0	6.1
Windows Graphics Component Information Disclosure Vulnerability
CVE-2026-25180	No	No	-	-	Important	5.5	4.8
Windows Hyper-V Elevation of Privilege Vulnerability
CVE-2026-25170	No	No	-	-	Important	7.0	6.1
Windows Kerberos Security Feature Bypass Vulnerability
CVE-2026-24297	No	No	-	-	Important	6.5	5.7
Windows Kernel Elevation of Privilege Vulnerability
CVE-2026-24287	No	No	-	-	Important	7.8	6.8
CVE-2026-24289	No	No	-	-	Important	7.8	6.8
CVE-2026-26132	No	No	-	-	Important	7.8	6.8
Windows Mobile Broadband Driver Remote Code Execution Vulnerability
CVE-2026-24288	No	No	-	-	Important	6.8	5.9
Windows NTFS Elevation of Privilege Vulnerability
CVE-2026-25175	No	No	-	-	Important	7.8	6.8
Windows Print Spooler Remote Code Execution Vulnerability
CVE-2026-23669	No	No	-	-	Important	8.8	7.7
Windows Projected File System Elevation of Privilege Vulnerability
CVE-2026-24290	No	No	-	-	Important	7.8	6.8
Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability
CVE-2026-23673	No	No	-	-	Important	7.8	6.8
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2026-25172	No	No	-	-	Important	8.8	7.7
CVE-2026-25173	No	No	-	-	Important	8.0	7.0
CVE-2026-26111	No	No	-	-	Important	8.8	7.7
Windows SMB Server Elevation of Privilege Vulnerability
CVE-2026-24294	No	No	-	-	Important	7.8	6.8
CVE-2026-26128	No	No	-	-	Important	7.8	6.8
Windows Shell Link Processing Spoofing Vulnerability
CVE-2026-25185	No	No	-	-	Important	5.3	4.6
Windows System Image Manager Assessment and Deployment Kit (ADK) Remote Code Execution Vulnerability
CVE-2026-25166	No	No	-	-	Important	7.8	6.8
Windows Telephony Service Elevation of Privilege Vulnerability
CVE-2026-25188	No	No	-	-	Important	8.8	7.7
Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability
CVE-2026-23672	No	No	-	-	Important	7.8	6.8
Winlogon Elevation of Privilege Vulnerability
CVE-2026-25187	No	No	-	-	Important	7.8	6.8

--
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS.edu
Twitter|

Keywords: patch Tuesday Microsoft

0 comment(s)

ISC Stormcast For Tuesday, March 10th, 2026 https://isc.sans.edu/podcastdetail/9842

Internet Storm Center

Microsoft Patch Tuesday March 2026

Comments